Implement HPKP

Post by squarefractal » 2015-05-09, 20:18

HPKP (HTTP Public Key Pinning) is a way to "pin" public keys so that attackers cannot establish a secure connection with rogue certificates (obtained from, say for example, a compromised CA).

This is a request to implement it in Pale Moon.

BMO bug: https://bugzilla.mozilla.org/show_bug.cgi?id=787133
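
The pin check described in the post above, as an added example (not part of the thread, and not Pale Moon or Mozilla code). It follows the pin noting and validation rules of RFC 7469; the function names, the header value and the byte strings standing in for SPKI structures are constructed for illustration, and `report-uri` and `max-age=0` removal are out of scope.

```python
import base64
import hashlib

def spki_pin(spki_der):
    """Base64 of SHA-256 over a DER SubjectPublicKeyInfo, the pin-sha256 form."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def parse_pkp(header):
    """Return (pins, max_age, include_subdomains); ValueError on a malformed value."""
    pins, max_age, include_sub = set(), None, False
    # Simplification: assumes no ';' inside quoted values such as report-uri.
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if name == "pin-sha256":
            digest = base64.b64decode(value, validate=True)
            if len(digest) != 32:
                raise ValueError("pin is not a SHA-256 digest")
            pins.add(base64.b64encode(digest).decode())
        elif name == "max-age":
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    return pins, max_age, include_sub

def note_pins(header, chain_spkis):
    """Store a pin set only if it passes the RFC 7469 noting rules, else None."""
    try:
        pins, max_age, include_sub = parse_pkp(header)
    except ValueError:
        return None
    chain = {spki_pin(s) for s in chain_spkis}
    if max_age is None or max_age < 0:
        return None
    # One pin must match the serving chain; a backup pin outside it is mandatory.
    if not (pins & chain) or not (pins - chain):
        return None
    return {"pins": pins, "max_age": max_age, "include_subdomains": include_sub}

def chain_allowed(record, chain_spkis):
    """Later connections: at least one key in the validated chain must be pinned."""
    return any(spki_pin(s) in record["pins"] for s in chain_spkis)

# Constructed sample data: byte strings standing in for DER SPKI structures.
LEAF, INTERMEDIATE, BACKUP = b"leaf-spki", b"intermediate-spki", b"backup-spki"
ROGUE_CHAIN = [b"rogue-leaf-spki", b"other-ca-spki"]  # e.g. issued by a compromised CA
HEADER = (f'pin-sha256="{spki_pin(LEAF)}"; pin-sha256="{spki_pin(BACKUP)}"; '
          'max-age=5184000; includeSubDomains')
record = note_pins(HEADER, [LEAF, INTERMEDIATE])
print(chain_allowed(record, [LEAF, INTERMEDIATE]), chain_allowed(record, ROGUE_CHAIN))
```

The rogue chain is rejected even though it could pass ordinary CA validation, because none of its keys match a stored pin; the backup-pin rule exists so that a site can rotate its key without locking visitors out.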

Re: Implement HPKP

Post by Moonchild » 2015-05-09, 22:22

That's a complex undertaking for only a marginal gain.
bug #787133 is rather involved and builds on top of a number of refactors so can't easily be ported, and is far from the only bug required. See also bug #744204 and dependencies if you want to do it the Mozilla way (which I'm frankly not sure is a good idea because it implements preloaded/biased lists and as such is not vendor-neutral at all).
It's probably better to write this according to spec from scratch, if it is to be implemented.
"Sometimes, the best way to get what you want is to be a good person." -- Louis Rossmann
"Seek wisdom, not knowledge. Knowledge is of the past; wisdom is of the future." -- Native American proverb
"Linux makes everything difficult." -- Lyceus Anubite

Re: Implement HPKP

Post by dave on linux » 2016-06-18, 12:39

Is this being worked on already, or will it be in the foreseeable future?

I've personally come to the conclusion that I'd rather trust servers setting HPKP themselves than any of the underlying CAs possibly just pretending to give security. I do recognize there are issues with the server being less secured than a CA or making HPKP behave like a super-cookie, but again, if I were to pick whether to trust a server I already exchange confidential data with or an unrelated CA, I'd personally always pick the former.

Re: Implement HPKP

Post by dave on linux » 2016-06-24, 16:34

For the time being I'm using Certificate Patrol, which reports new and changed certificates and optionally displays a nice certification hierarchy for each. (Being notified by it: Why does this site use Cloudflare? HTTPS is useless if a proprietary commercial proxy service like Cloudflare is allowed to sit in between.)

Re: Implement HPKP

Post by Moonchild » 2016-06-24, 22:29

dave on linux wrote: Why does this site use Cloudflare? HTTPS is useless if a proprietary commercial proxy service like Cloudflare is allowed to sit in between.

The forum is behind Cloudflare to reduce its attack surface. HTTPS for it is a courtesy, and it's not like the forum is a payment processor -- also, I trust that CF knows what they are doing on their business accounts.
Off-topic:
Edit: I've taken the forum off of CloudFlare considering it avoids a few issues I needed custom rules for that don't always work 100% (I blame phpBB 3.1 for that though, not CF).
TOR users can be happy not having to deal with the captchas as a result, but posting is still not permitted.